A storage system is a computer that provides storage service relating to the organization of information on writeable persistent storage devices, such as memories, tapes or disks. The storage system is commonly deployed within a storage area network (SAN) or a network attached storage (NAS) environment. When used within a NAS environment, the storage system may be embodied as a file server including a storage operating system that implements a file system to logically organize the information as a hierarchical structure of directories and files on, e.g. the disks. Each “on-disk” file may be implemented as a set of data structures, e.g., disk blocks, configured to store information, such as the actual data for the file. A directory, on the other hand, may be implemented as a specially formatted file in which information about other files and directories are stored.
The file server, or filer, may be further configured to operate according to a client/server model of information delivery to thereby allow many client systems (clients) to access shared resources, such as files, stored on the filer. Sharing of files is a hallmark of a NAS system, which is enabled because of semantic level access to files and file systems. Storage of information on a NAS system is typically deployed over a computer network comprising a geographically distributed collection of interconnected communication links, such as Ethernet, that allow clients to remotely access the information (files) stored on the file server. The clients typically communicate with the filer by exchanging discrete frames or packets of data according to pre-defined protocols, such as the well-known Transmission Control Protocol/Internet Protocol (TCP/IP).
In the client/server model, the client may comprise an application executing on a computer that “connects” to the filer over a computer network, such as a point-to-point link, shared local area network, wide area network or virtual private network implemented over a public network, such as the well-known Internet. NAS systems generally utilize file-based access protocols; therefore, each client may request the services of the filer by issuing file system protocol messages (in the form of packets) to the file system over the network. By supporting a plurality of file system protocols, such as the conventional Common Internet File System (CIFS), the Network File System (NFS) and the Direct Access File System (DAFS) protocols, the utility of the filer may be enhanced for networking clients.
Conversely, a SAN is a high-speed network that enables establishment of direct connections between a storage system and its storage devices. The SAN may thus be viewed as an extension to a storage bus and, as such, a storage operating system of the storage system enables access to stored information using block-based access protocols over the “extended bus.” In this context, the extended bus is typically embodied as Fibre Channel (FC) or Ethernet media adapted to operate with block access protocols, such as Small Computer Systems Interface (SCSI) protocol encapsulation over FC (FCP) or TCP/IP/Ethernet (iSCSI). A SAN arrangement or deployment allows decoupling of storage from the storage system, such as an application server, and some level of storage sharing at the application server level. There are, however, environments wherein a SAN is dedicated to a single server.
In a SAN environment, a storage system exports a number of logical unit numbers (lun) to its clients. Each of the clients of a storage system may not have permission to access all of the luns exported by a given storage system. In such a case, the storage system utilizes a lun masking technique so that only the luns that are accessible by the client are visible to that client. To accomplish this lun masking, the storage system maintains a table identifying each client of the storage system and the set of luns that it may access. When a client issues a command addressed to a given lun, the storage system then first determines whether that client has the requisite permission to access the specified lun.
In a typical storage system, each lun will have associated with it a list of client identifiers that may access the given lun. In a Fibre Channel or iSCSI network configuration, the client identifier is typically a world wide name (WWN) embodied as a Node Name. Thus, each time a client (or SCSI initiator) issues a command directed to a lun serviced by a storage system, the storage system examines a listing of associated client identifiers to determine if the requesting client may perform the operation and access the specified lun. If the requesting client may not access the specified lun, then the storage system returns an error message, using conventional SCSI protocol operations, to the requesting client. Otherwise, the client may access the specific lun. A noted disadvantage of such systems is that the storage system must first locate the data structure associated with the specified lun, which is often contained in a linked list. After locating the data structure, typically by stepping through the linked list, the storage system must then identifies whether the client has access to the specified lun, typically by examining a list of client WWNs stored in the lun data structure. This conventional method introduces a high processing overhead to each command issued to a lun associated with a storage system utilizing lun masking.
Another noted disadvantage of conventional lun masking techniques is that each lun associated with a storage system is exported using a lun value associated with the storage system. As a storage system typically serves many more luns then a given client may access, the lun values (numbers) may become quite large. Certain clients, for example those executing older operating systems or drivers, may not be capable of accessing lun values (numbers) higher than seven, i.e., they may only access lun values 0-7. Thus, these clients may be incompatible with a given storage system configuration.